Subject: Re: compat_hpux, systrace
To: Andrew Doran <>
From: Perry E. Metzger <>
List: tech-security
Date: 12/25/2007 12:13:55
Andrew Doran <> writes:
> Unless there is a compelling reason not to, I'm going to remove these two
> misfeatures because they impose an unjustified maintenence burden on the
> kernel developers.
> systrace can be circuvented easily, and if it breaks, it's usually months
> before anyone notices. compat_hpux is highly unlikely to be of use.
> Comments?

The implementation of systrace is broken, but the functionality it in
theory provides is of tremendous value -- being able to constrain the
behavior of programs provides a very big tool for securing software.
I would suggest that it would be important to think of a way to
re-implement the functionality in such a way that it worked correctly.

Perry E. Metzger